diff --git a/debian/patches/disable-openssl-check.diff b/debian/patches/disable-openssl-check.diff
new file mode 100644
index 000000000000..b65edfc72537
--- /dev/null
+++ b/debian/patches/disable-openssl-check.diff
@@ -0,0 +1,15 @@
+--- a/raddb/radiusd.conf.in
++++ b/raddb/radiusd.conf.in
+@@ -483,7 +483,11 @@
+ 	#  and may not reflect patches applied to libssl by
+ 	#  distribution maintainers.
+ 	#
+-	allow_vulnerable_openssl = no
++	#  This version of FreeRADIUS is built as a Debian package that
++	#  depends on the right version of OpenSSL, so this is set by
++	#  default to allow the server to start.
++	#
++	allow_vulnerable_openssl = 'CVE-2014-0160'
+ }
+ 
+ # PROXY CONFIGURATION
diff --git a/debian/patches/series b/debian/patches/series
index 5ba2d18c5608..cba5c665198f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
 radiusd-to-freeradius.diff
+disable-openssl-check.diff
diff --git a/debian/rules b/debian/rules
index e2da7dc45be4..19bd231f3c99 100755
--- a/debian/rules
+++ b/debian/rules
@@ -160,7 +160,7 @@ install-arch: build-arch-stamp
 	
 	dh_strip -a --dbg-package=freeradius-dbg
 
-	dh_makeshlibs -a -n
+	dh_makeshlibs -a -n -V 'libssl1.0.0 (>= 1.0.1e-2+deb7u6)'
 	dh_shlibdeps -l$(freeradius_dir)/usr/lib/freeradius
 
 binary-common:
diff --git a/debian/shlibs.local b/debian/shlibs.local
new file mode 100644
index 000000000000..2c53dcf63682
--- /dev/null
+++ b/debian/shlibs.local
@@ -0,0 +1 @@
+libssl 1.0.0 libssl1.0.0 (>= 1.0.1e-2+deb7u6)